-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Fedora Test Update Notification FEDORA-2004-1719 Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=1719 2004-06-16 - --------------------------------------------------------------------- Name : tripwire Version 7.3 : 2.3.1-20.legacy.7x Version 9 : 2.3.1-20.legacy.9 Summary : A system integrity assessment tool. Description : Tripwire is a very valuable security tool for Linux systems, if it is installed to a clean system. Tripwire should be installed right after the OS installation, and before you have connected your system to a network (i.e., before any possibility exists that someone could alter files on your system). When Tripwire is initially set up, it creates a database that records certain file information. Then when it is run, it compares a designated set of files and directories to the information stored in the database. Added or deleted files are flagged and reported, as are any files that have changed from their previously recorded state in the database. When Tripwire is run against system files on a regular basis, any file changes will be spotted when Tripwire is run. Tripwire will report the changes, which will give system administrators a clue that they need to enact damage control measures immediately if certain files have been altered. After installing this package, run /etc/tripwire/twinstall.sh to generate cryptographic keys and run tripwire --init to initialize the database. - --------------------------------------------------------------------- Update Information: http://www.securityfocus.com/archive/1/365036/2004-06-01/2004-06-07/2 : Tripwire(tm) is a Security, Intrusion Detection, Damage Assessment and Recovery, Forensics software. A vulnerability in the product allows a user on the local machine under certain circumstances to execute arbitrary code with the rights of the user running the program (typically root). - --------------------------------------------------------------------- Changelog: 7.3: * Tue Jun 15 2004 Jesse Keating <jkeating@xxxxxxxxxxxxxxx> 2.3.1-20.legacy.7x - - Added gcc-c++ as a BuildReq - - Changed version number to allow for 7.x to bump w/out touching 9 * Fri Jun 04 2004 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.3.1-18.legacy - - Added patch for format string vulnerability (FL #1719) 9: * Tue Jun 15 2004 Jesse Keating <jkeating@xxxxxxxxxxxxxxx> 2.3.1-20.legacy.9 - - Added gcc-c++ - - Altered version for 7.x/9 independence. * Fri Jun 04 2004 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.3.1-19.legacy - - Added patch for format string vulnerability (FL #1719) - --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/redhat/ b266219a8b7d05e35e2dba5c7a33bb15d518f7ad 7.3/updates-testing/SRPMS/tripwire-2.3.1-20.legacy.7x.src.rpm e7649912f208a73276c16cffcb4dfb19e23bad9c 7.3/updates-testing/i386/tripwire-2.3.1-20.legacy.7x.i386.rpm c65f628b723c3280d2cce0484ba5e8163081e1e8 9/updates-testing/SRPMS/tripwire-2.3.1-20.legacy.9.src.rpm 321d6537458ef99779be8f5377ea94695c6e1b5f 9/updates-testing/i386/tripwire-2.3.1-20.legacy.9.i386.rpm Please note that this update is also available via yum and apt through the updates-testing channel. Many people find this an easier way to apply updates. - --------------------------------------------------------------------- - -- Jesse Keating RHCE (http://geek.j2solutions.net) Fedora Legacy Team (http://www.fedoralegacy.org) GPG Public Key (http://geek.j2solutions.net/jkeating.j2solutions.pub) Was I helpful? Let others know: http://svcs.affero.net/rm.php?r=jkeating -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFA0RZG4v2HLvE71NURAqS1AKCnnxwgsO+BQCt5tQXo6amvs+ItSgCgjsNO nGSlPD0Oca2/FTu6H51Bl3I= =abiM -----END PGP SIGNATURE----- -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list